Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 1.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2007-3281
Cross-site scripting (XSS) vulnerability in index.php in Php Hosting Biller 1.0 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO.
Php Hosting Biller Php Hosting Biller 1.0
1 EDB exploit
3.6
CVSSv2
CVE-2008-1734
Interpretation conflict in PHP Toolkit prior to 1.0.1 on Gentoo Linux might allow local users to cause a denial of service (PHP outage) and read contents of PHP scripts by creating a file with a one-letter lowercase alphabetic name, which triggers interpretation of a certain unqu...
Gentoo Php Toolkit
Gentoo Php Toolkit 1.0
6.8
CVSSv2
CVE-2007-5308
SQL injection vulnerability in galerie.php in PHP Homepage M (phpHPm) 1.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the id parameter in a show action.
Php Homepage M Php Homepage M 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2009-3558
The posix_mkfifo function in ext/posix/posix.c in PHP prior to 5.2.12 and 5.3.x prior to 5.3.1 allows context-dependent malicious users to bypass open_basedir restrictions, and create FIFO files, via the pathname and mode arguments, as demonstrated by creating a .htaccess file.
Php Php 3.0
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.1.0
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 3.0.8
Php Php 3.0.13
Php Php 5.2.5
Php Php 4.3.7
Php Php 4.2.2
Php Php
Php Php 4.4.2
Php Php 3.0.7
Php Php 4.3.2
Php Php 4.3.11
3.3
CVSSv2
CVE-2011-1072
The installer in PEAR prior to 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories, a different vulnerability than CVE-2007-2519.
Php Pear 0.9
Php Pear 1.3.4
Php Pear 1.2.1
Php Pear 1.3.3.1
Php Pear 1.4.2
Php Pear 1.0.1
Php Pear 1.0
Php Pear 1.2
Php Pear 1.5.0
Php Pear 1.3
Php Pear 0.90
Php Pear 1.5.1
Php Pear 1.4.0
Php Pear 1.4.1
Php Pear 1.3.5
Php Pear
Php Pear 1.3.6
Php Pear 1.3.3
Php Pear 1.3.1
Php Pear 0.2.2
Php Pear 0.10
Php Pear 1.6.1
3.3
CVSSv2
CVE-2011-1144
The installer in PEAR 1.9.2 and previous versions allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories. NOTE: this vulnerability exists be...
Php Pear 0.9
Php Pear 1.3.4
Php Pear 1.2.1
Php Pear
Php Pear 1.3.3.1
Php Pear 1.4.2
Php Pear 1.0.1
Php Pear 1.0
Php Pear 1.2
Php Pear 1.5.0
Php Pear 1.3
Php Pear 0.90
Php Pear 1.5.1
Php Pear 1.9.1
Php Pear 1.4.0
Php Pear 1.4.1
Php Pear 1.3.5
Php Pear 1.3.6
Php Pear 1.3.3
Php Pear 1.3.1
Php Pear 0.2.2
Php Pear 0.10
5
CVSSv2
CVE-2007-1460
The zip:// URL wrapper provided by the PECL zip extension in PHP prior to 4.4.7, and 5.2.0 and 5.2.1, does not implement safemode or open_basedir checks, which allows remote malicious users to read ZIP archives located outside of the intended directories.
Php Php 4.3.9
Php Php 3.0
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 4.2.0
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.4.4
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 3.0.8
Php Php 4.3.6
Php Php 3.0.13
Php Php
Php Php 4.3.7
Php Php 4.2.2
Php Php 4.4.2
Php Php 3.0.7
5
CVSSv2
CVE-2009-3557
The tempnam function in ext/standard/file.c in PHP prior to 5.2.12 and 5.3.x prior to 5.3.1 allows context-dependent malicious users to bypass safe_mode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments.
Php Php 4.4.9
Php Php 3.0
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.1.0
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 3.0.8
Php Php 3.0.13
Php Php 5.2.5
Php Php 4.3.7
Php Php 4.2.2
Php Php 4.4.2
Php Php 3.0.7
Php Php 4.3.2
Php Php 4.3.11
7.5
CVSSv2
CVE-2006-2098
PHP remote file inclusion vulnerability in Thumbnail AutoIndex prior to 2.0 allows remote malicious users to execute arbitrary PHP code via (1) README.html or (2) HEADER.html.
Php Thumbnail Autoindex Php Thumbnail Autoindex 1.3
Php Thumbnail Autoindex Php Thumbnail Autoindex 1.2.1
Php Thumbnail Autoindex Php Thumbnail Autoindex 1.4
Php Thumbnail Autoindex Php Thumbnail Autoindex 1.2.4
Php Thumbnail Autoindex Php Thumbnail Autoindex 1.2
Php Thumbnail Autoindex Php Thumbnail Autoindex 1.0
Php Thumbnail Autoindex Php Thumbnail Autoindex 1.2.3
Php Thumbnail Autoindex Php Thumbnail Autoindex 1.2.2
Php Thumbnail Autoindex Php Thumbnail Autoindex 1.1
4.6
CVSSv2
CVE-2006-3011
The error_log function in basic_functions.c in PHP prior to 4.4.4 and 5.x prior to 5.1.5 allows local users to bypass safe mode and open_basedir restrictions via a "php://" or other scheme in the third argument, which disables safe mode.
Php Php 4.3.9
Php Php 3.0
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 4.2.0
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 3.0.8
Php Php 4.3.6
Php Php 3.0.13
Php Php 4.3.7
Php Php 4.2.2
Php Php 4.4.2
Php Php 3.0.7
Php Php 4.3.2
Php Php 4.3.11
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »